Thanks for the info. Yeah, I just saw yesterday that even my barebones, locked-down ISP router has the option to override the DNS server addresses it hands out. I would change things there but I don't want to break anything for anybody else on the network. I was going to set the inkPalm to AdGuard's servers to make up for the inability to use AdAway on this device or run another app that sets up a VPN.
I've honestly never had an Android device before that had locked down that part. I can't for the of life me understand why... I now suddenly see the value in having a Pi-hole set up
Hey, congrats, it's a great e-reader
No. I'm not an expert in security (or networking for that matter) in the slightest. There could be innocuous explanations for everything too. Like I've said that NetGuard doesn't work, and I'm quite sure of that too. NetGuard relies on the VPN functionality of Android, and that does seem broken here - when NG was active, the device's settings still said the VPN was off and it wouldn't let me turn on the always-on setting (this works without issue on my Samsung phone and Nova 3). Since this is a device meant to be sold only in China, Xiaomi may have to intentionally prevent the VPN functionality from working. But I haven't tested any other program that uses Android's VPN functionality, like Blokada or AdGuard or Intra or DNS66.
And I do find the locked down network settings annoying, but a DNS leak test shows the device using my ISP's DNS servers so there's no privacy issue there.
I still maintain the inclusion of a microphone without a corresponding speaker is odd (I might have damaged mine in my attempts to boot this thing into FEL mode and I'm not even sad about it) but it could be just easily be a compromise to include dictaphone functionality without compromising the weight of the device.
I haven't done a proper analysis (and I'm not sure I would be able to) but according to this device's logcat,
http://captive.v2ex.co/generate_204 is contacted much like connectivitycheck.gstatic.com/generate_204 etc. usually is on a "normal" Android phone to check for Wi-Fi networks where you have to sign in. iotapi.adups.com is contacted every time the Wi-Fi is connected to check for firmware updates - from what I can see, there is nothing excessive sent at all.
I've not seen any evidence of this device trying to siphon data from other devices, for what it's worth. To be honest, the only reason I would connect it to Wi-Fi in the first place is to let Moon Reader sync book positions so I can pick up on my Boox. With a gig of RAM, browsing sites isn't probably going to be a comfortable experience.
---
This device does seem to use PWM for its backlight
but for the price, I guess that's no surprise:
Code:
virgo-perf1:/proc/lm3630a $ zcat /proc/config.gz | grep PWM
# CONFIG_INPUT_PWM_BEEPER is not set
# CONFIG_SENSORS_PWM_FAN is not set
# CONFIG_REGULATOR_PWM is not set
# CONFIG_BACKLIGHT_PWM is not set
# CONFIG_LEDS_PWM is not set
# CONFIG_COMMON_CLK_PWM is not set
CONFIG_PWM=y
CONFIG_PWM_SYSFS=y
# CONFIG_PWM_FSL_FTM is not set
# CONFIG_PWM_PCA9685 is not set
# CONFIG_PWM_SUN4I is not set
CONFIG_PWM_SUNXI=y
virgo-perf1:/proc/lm3630a $ ls
debug_brightness leda_brightness ledb_brightness on_off_ramp runtime_ramp
debug_enable leda_max_cur ledb_max_cur pwm_level
virgo-perf1:/proc/lm3630a $